DOI: 10.1145/3267323.3268949
short-paper

Issues Encountered Deploying Differential Privacy

Published: 15 January 2018

Abstract

When differential privacy was created more than a decade ago, the motivating example was statistics published by an official statistics agency. In attempting to transition differential privacy from the academy to practice, the U.S. Census Bureau has encountered many challenges unanticipated by differential privacy's creators. These challenges include obtaining qualified personnel and a suitable computing environment, the difficulty of accounting for all uses of the confidential data, the lack of release mechanisms that align with the needs of data users, the expectation on the part of data users that they will have access to micro-data, the difficulty in setting the value of the privacy-loss parameter, ε (epsilon), and the lack of tools and trained individuals to verify the correctness of differential privacy implementations.

Published In

WPES'18: Proceedings of the 2018 Workshop on Privacy in the Electronic Society
October 2018
190 pages
ISBN:9781450359894
DOI:10.1145/3267323
Publication rights licensed to ACM. ACM acknowledges that this contribution was authored or co-authored by an employee, contractor or affiliate of the United States government. As such, the Government retains a nonexclusive, royalty-free right to publish or reproduce this article, or to allow others to do so, for Government purposes only.

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. differential privacy
  2. us census bureau

Qualifiers

  • Short-paper

Funding Sources

  • US Census Bureau
  • Massachusetts Institute of Technology

Conference

CCS '18
Acceptance Rates

WPES'18 Paper Acceptance Rate 11 of 25 submissions, 44%;
Overall Acceptance Rate 106 of 355 submissions, 30%
